PCI DSS Compliance | Tips and Suggestions on overcoming one of the Biggest Initial Challenges for PCI Compliance
February 16, 2009
PCI DSS compliance requires a multitude of items that must be addressed. And though a large amount of time is spent on the network security aspects of PCI DSS compliance (firewalls, routers, web servers, etc.), an often overlooked area can cause the PCI DSS assessment to come to a screeching halt: documented policies and procedures. That’s right, this is typically one of the biggest challenges facing merchants and service providers seeking to become PCI DSS compliant.
In fact, an entire Control Objective and Requirement is allotted to this area alone.
Requirement 12, which falls under one of the six (6) core functional areas, commonly known as control objectives, states that you must “Maintain a policy that addresses information security for employees and contractors”. Easier said than done, as the writing of documented policies and procedures can be very painstaking, arduous, and time-consuming, to say the least.
NDB Advisory has years of experience in drafting highly customized policy and procedure documents, so let us help you in this critical area of PCI DSS compliance.

